webaccess.duckdns.org
Open in
urlscan Pro
89.47.165.229
Malicious Activity!
Public Scan
Effective URL: http://webaccess.duckdns.org/dhl/login.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.a...
Submission Tags: @ipnigh
Submission: On August 23 via api from GB
Summary
This is the only time webaccess.duckdns.org was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: DHL (Transportation)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 24 | 89.47.165.229 89.47.165.229 | 62282 (RACKRAY U...) (RACKRAY UAB Rakrejus) | |
1 | 2606:2800:234... 2606:2800:234:660:118e:28f:1d8a:2522 | 15133 (EDGECAST) (EDGECAST - MCI Communications Services) | |
1 | 172.227.112.154 172.227.112.154 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
2 | 2a00:1450:400... 2a00:1450:4001:814::200e | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
38 | 5 |
ASN62282 (RACKRAY UAB Rakrejus, LT)
PTR: 50f8.l.hostens.cloud
webaccess.duckdns.org |
ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)
fast.fonts.net |
ASN20940 (AKAMAI-ASN1, US)
PTR: a172-227-112-154.deploy.static.akamaitechnologies.com
www.mydhl.dhl.com |
ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
24 |
duckdns.org
2 redirects
webaccess.duckdns.org |
442 KB |
2 |
google-analytics.com
www.google-analytics.com |
17 KB |
1 |
dhl.com
www.mydhl.dhl.com |
135 KB |
1 |
fonts.net
fast.fonts.net |
322 B |
38 | 4 |
Domain | Requested by | |
---|---|---|
24 | webaccess.duckdns.org |
2 redirects
webaccess.duckdns.org
|
2 | www.google-analytics.com |
webaccess.duckdns.org
|
1 | www.mydhl.dhl.com |
webaccess.duckdns.org
|
1 | fast.fonts.net |
webaccess.duckdns.org
|
38 | 4 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
1970-01-01 - 1970-01-01 |
a few seconds | crt.sh | |
www.mydhl.dhl.com DigiCert SHA2 Secure Server CA |
2018-08-01 - 2020-01-30 |
a year | crt.sh |
*.google-analytics.com Google Internet Authority G3 |
2019-07-29 - 2019-10-21 |
3 months | crt.sh |
This page contains 8 frames:
Primary Page:
http://webaccess.duckdns.org/dhl/login.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&.rand=13InboxLight.aspx?n=1774256418&fid=4
Frame ID: 9CD4141C2CAF0D5BDE47BA2172535371
Requests: 31 HTTP requests in this frame
Frame:
http://webaccess.duckdns.org/dhl/Files/video_921234.html
Frame ID: 171AE71A4F87912533659B2A52EE03AA
Requests: 1 HTTP requests in this frame
Frame:
http://webaccess.duckdns.org/dhl/Files/video_921234.html
Frame ID: 07862CA341D30E0B622A9AADB82496F6
Requests: 1 HTTP requests in this frame
Frame:
http://webaccess.duckdns.org/dhl/Files/video_921234.html
Frame ID: 4BF27B7BAF9381E566E4C9B6FD12455D
Requests: 1 HTTP requests in this frame
Frame:
http://webaccess.duckdns.org/dhl/Files/video_921234.html
Frame ID: E4B4A04EAE2F554D6F19390F6598C0BC
Requests: 1 HTTP requests in this frame
Frame:
http://webaccess.duckdns.org/dhl/Files/video_921234.html
Frame ID: 1AF711E826F5493D6E9D24A4D1A96D64
Requests: 1 HTTP requests in this frame
Frame:
http://webaccess.duckdns.org/dhl/Files/video_921234.html
Frame ID: 62A6F8B273E6DAA47A34CF9E97833D54
Requests: 1 HTTP requests in this frame
Frame:
http://webaccess.duckdns.org/dhl/Files/video_921234.html
Frame ID: F9E264F67E5A0AFDC3A822184AADAE5E
Requests: 4 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://webaccess.duckdns.org/dhl
HTTP 301
http://webaccess.duckdns.org/dhl/ HTTP 302
http://webaccess.duckdns.org/dhl/login.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1... Page URL
Detected technologies
Apache (Web Servers) ExpandDetected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i
Google Analytics (Analytics) Expand
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
jQuery (JavaScript Libraries) Expand
Detected patterns
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://webaccess.duckdns.org/dhl
HTTP 301
http://webaccess.duckdns.org/dhl/ HTTP 302
http://webaccess.duckdns.org/dhl/login.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&.rand=13InboxLight.aspx?n=1774256418&fid=4 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 30- http://www.google-analytics.com/ga.js HTTP 307
- https://www.google-analytics.com/ga.js
- http://www.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=1&utmn=623190397&utmhn=webaccess.duckdns.org&utme=8(accountStatus*countrySelectedByUser)9((attribute%20undefined%271*(attribute%20undefined%271)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=DHL%20%7C%20Global%20%7C%20English&utmhid=2061305318&utmr=-&utmp=smep_portal_page_login%2FShippingOptionsQueryController%2Fcom%2Fdhl%2Fsmep%2Fportlets%2FshippingOptionsQuery%2FenterShippingData.jsp&utmht=1566562380475&utmac=UA-37191247-1&utmcc=__utma%3D185562287.1765635795.1566562380.1566562380.1566562380.1%3B%2B__utmz%3D185562287.1566562380.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&aip=1&utmu=qxSAAAAIAAAAAAAAAAAAAAAE~ HTTP 307
- https://www.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=1&utmn=623190397&utmhn=webaccess.duckdns.org&utme=8(accountStatus*countrySelectedByUser)9((attribute%20undefined%271*(attribute%20undefined%271)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=DHL%20%7C%20Global%20%7C%20English&utmhid=2061305318&utmr=-&utmp=smep_portal_page_login%2FShippingOptionsQueryController%2Fcom%2Fdhl%2Fsmep%2Fportlets%2FshippingOptionsQuery%2FenterShippingData.jsp&utmht=1566562380475&utmac=UA-37191247-1&utmcc=__utma%3D185562287.1765635795.1566562380.1566562380.1566562380.1%3B%2B__utmz%3D185562287.1566562380.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&aip=1&utmu=qxSAAAAIAAAAAAAAAAAAAAAE~
38 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
login.php
webaccess.duckdns.org/dhl/ Redirect Chain
|
22 KB 22 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ga.js
webaccess.duckdns.org/dhl/Files/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
1.css
fast.fonts.net/t/ |
0 322 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
layout.css
webaccess.duckdns.org/dhl/Files/ |
1 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
buttons.js
webaccess.duckdns.org/dhl/Files/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
util.js
webaccess.duckdns.org/dhl/Files/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
main.css
webaccess.duckdns.org/dhl/Files/ |
121 KB 121 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
plugins.min.js
webaccess.duckdns.org/dhl/Files/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.js
webaccess.duckdns.org/dhl/Files/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
dhl_logo_transparent.png
webaccess.duckdns.org/dhl/Files/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
form_help.png
webaccess.duckdns.org/dhl/Files/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
mydhl_benefit_1.png
webaccess.duckdns.org/dhl/Files/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
mydhl_benefit_2.png
webaccess.duckdns.org/dhl/Files/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
mydhl_benefit_3.png
webaccess.duckdns.org/dhl/Files/ |
6 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
mydhl_benefit_4.png
webaccess.duckdns.org/dhl/Files/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
mydhl_benefit_5.png
webaccess.duckdns.org/dhl/Files/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
DHL_footer_logo.png
webaccess.duckdns.org/dhl/Files/ |
724 B 992 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
dhl-print.css
webaccess.duckdns.org/dhl/Files/ |
546 B 813 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
mydhl_image_western-cultural.jpg
www.mydhl.dhl.com/content/dam/Local_Images/g0/express/mydhl/ |
134 KB 135 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bg-header.png
webaccess.duckdns.org/dhl/images/ |
32 KB 32 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
shadow_navigation_main_bottom.png
webaccess.duckdns.org/dhl/images/ |
14 KB 14 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
443d53e8-5a36-44d4-a132-02501f29ccb4.woff2
www.mydhl.dhl.com/mydhl/framework/skins/dhl/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
23c8fd07-fd70-4f71-8660-ee48fd5cdd78.woff2
www.mydhl.dhl.com/mydhl/framework/skins/dhl/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
video_921234.html
webaccess.duckdns.org/dhl/Files/ Frame 171A |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
video_921234.html
webaccess.duckdns.org/dhl/Files/ Frame 0786 |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
video_921234.html
webaccess.duckdns.org/dhl/Files/ Frame 4BF2 |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
video_921234.html
webaccess.duckdns.org/dhl/Files/ Frame E4B4 |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
video_921234.html
webaccess.duckdns.org/dhl/Files/ Frame 1AF7 |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
video_921234.html
webaccess.duckdns.org/dhl/Files/ Frame 62A6 |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
video_921234.html
webaccess.duckdns.org/dhl/Files/ Frame F9E2 |
156 KB 156 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
icon-arrow-close.png
webaccess.duckdns.org/dhl/images/ |
33 KB 33 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga.js
www.google-analytics.com/ Redirect Chain
|
45 KB 17 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
servicelink_separator.gif
webaccess.duckdns.org/dhl/images/ |
33 KB 33 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
__utm.gif
www.google-analytics.com/ Redirect Chain
|
35 B 99 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ Frame F9E2 |
3 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ Frame F9E2 |
3 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ Frame F9E2 |
155 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
e934c7fe-0eba-45c0-be91-b05ff19b5073.woff
www.mydhl.dhl.com/mydhl/framework/skins/dhl/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
758b3adb-babc-432f-8224-6d5987a29d87.woff
www.mydhl.dhl.com/mydhl/framework/skins/dhl/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
a4b36fb8-d470-4a09-87d7-70de08efeeaf.ttf
www.mydhl.dhl.com/mydhl/framework/skins/dhl/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
a0db12d8-1ce6-447c-88db-a84df4843728.ttf
www.mydhl.dhl.com/mydhl/framework/skins/dhl/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- www.mydhl.dhl.com
- URL
- https://www.mydhl.dhl.com/mydhl/framework/skins/dhl/fonts/443d53e8-5a36-44d4-a132-02501f29ccb4.woff2
- Domain
- www.mydhl.dhl.com
- URL
- https://www.mydhl.dhl.com/mydhl/framework/skins/dhl/fonts/23c8fd07-fd70-4f71-8660-ee48fd5cdd78.woff2
- Domain
- webaccess.duckdns.org
- URL
- http://webaccess.duckdns.org/dhl/Files/video_921234.html
- Domain
- webaccess.duckdns.org
- URL
- http://webaccess.duckdns.org/dhl/Files/video_921234.html
- Domain
- webaccess.duckdns.org
- URL
- http://webaccess.duckdns.org/dhl/Files/video_921234.html
- Domain
- webaccess.duckdns.org
- URL
- http://webaccess.duckdns.org/dhl/Files/video_921234.html
- Domain
- webaccess.duckdns.org
- URL
- http://webaccess.duckdns.org/dhl/Files/video_921234.html
- Domain
- webaccess.duckdns.org
- URL
- http://webaccess.duckdns.org/dhl/Files/video_921234.html
- Domain
- www.mydhl.dhl.com
- URL
- https://www.mydhl.dhl.com/mydhl/framework/skins/dhl/fonts/e934c7fe-0eba-45c0-be91-b05ff19b5073.woff
- Domain
- www.mydhl.dhl.com
- URL
- https://www.mydhl.dhl.com/mydhl/framework/skins/dhl/fonts/758b3adb-babc-432f-8224-6d5987a29d87.woff
- Domain
- www.mydhl.dhl.com
- URL
- https://www.mydhl.dhl.com/mydhl/framework/skins/dhl/fonts/a4b36fb8-d470-4a09-87d7-70de08efeeaf.ttf
- Domain
- www.mydhl.dhl.com
- URL
- https://www.mydhl.dhl.com/mydhl/framework/skins/dhl/fonts/a0db12d8-1ce6-447c-88db-a84df4843728.ttf
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: DHL (Transportation)12 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
string| currentLanguage string| calendarLanguage string| contextPath string| btnConfirmOk string| btnConfirmCancel string| linkMore string| linkLess string| dateFormatPattern function| validate object| _gaq object| _gat object| gaGlobal0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
fast.fonts.net
webaccess.duckdns.org
www.google-analytics.com
www.mydhl.dhl.com
webaccess.duckdns.org
www.mydhl.dhl.com
172.227.112.154
2606:2800:234:660:118e:28f:1d8a:2522
2a00:1450:4001:814::200e
89.47.165.229
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
35b8eca53271516f3d66a3dd8f89e1366edb87adad26015424148de71dfcce46
38c387b0151772ae21faabbfed1281b46163aa484168d870440f82b64e736063
3dbafdfa54ef76441f3f5e406264767885421889ccab69744e3f7d4226aebe9e
516ced1cfe81b07e87c82fa922a5ddfc8e342ce9b7ce68fc3ad2961a29ebd264
69f3cd5711722de0b3ce814b2b51d01f60b0c270042659e9972c2b34265ad773
6b183a115aa27f57c515661c33997b1c96999981ac7e0534e4a46f1c19377c49
77511e8beca58bc2e49bee41d5ad842b9da8c16370a36a15c2fe253b1fa79530
7808605ddd1f0eaa454aa444293d2f0260943e51e53838fca46506e6a69fe521
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
923af17a696678ea2d075ca1c037258b629dc5ab4cd2f0cb3de96dd59328592a
9f6e2d3a6f15517380d4582c8770aee1ca0d29e53d5966aa6982c9f46a8c9efe
af7f14e6c8e65f74dac6afda27be4ce7512db2a778ec42c36f55a1ed363fc7d8
b3011fd16e43cd860b9782c4eafe77c1cc40da2e0f6e2e5ea547d98d6efac879
b3b3f72fefa8480eef99644b25181c2b18a91464466f24557ed598af68fee7dc
b76821127423f9469cced9162d607ca799e63694ba7a851896c0a96a34ab2927
baffd233b0f77bcc50519a65a1e06f71ce63a8f4109581939029021878b56f59
c4cc8903ada12b36c2dd200b0247fe6731796a04cb48f8dc0573df2a27852160
cba36ffea0e05b51840b73b915ec8bdc13f68e7f8ca88565fabca1baaf75a00c
e0556ca17eba8429f9d2d2b3997ff5d5386e350b3feed19347667de553a05110
e306705c996676db01f4072ed3d6f33d89089a848ab0b2a0ba07a2d866ec309f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4a1ce994ce1004b1313c0b67bb411516a340a574e7ae965b40ab9b1f28c2789